Event Search

Why Security Leaders Need to Communicate Value More Effectively

March 21, 2016

By Michael Santarcangelo

How effective is your communication? How do you fare when asked to explain security risks? What about when defending the need for investment? Are you effective? How do you know? How do you measure your communication efforts?

A lot of people consider communication a soft skill, yet learning to communicate value is one of the hardest things security leaders face. Getting it right requires translating the complexity of security into something the listener can use, whether or not she/he has any technical capability. This means connecting technical concepts with business goals and ensuring mutual understanding in the process.

Better decisions about risk are facilitated though better communication. Decision makers need clarity on the risks, options, and consequences of whatever they're considering, and they need it presented in a context they understand. Under pressure to "do something," executives and boards seek out this information.

Do they come to you?

Prove your leadership with effective communication.

What is effective communication, anyway?

It used to drive me crazy when people suggested the need to communicate effectively. What does that mean? I started asking people. It's about as confusing as asking people to define leadership, or security, for that matter – a broad concept with a variety of meanings.

Determined to find an answer, I studied everything I could gather over the course of a few years. Once I had a great deal of information at hand, I then distilled "communication" – all forms-- into a simple "progression of communication" that logically fit into one of three criteria. The result is a clear model that explains the three levels of communication.

I'm going to share the progression during the CISO Leadership Summit. An applied model, it offers a quick method for assessing communication. It provides cues to the steps that enable the changes needed to improve.

The difference between structure, substance, and style

Most communication guidance centers on delivery -- how we speak or present, tips and tricks on visual elements and body language.

While delivery is important, it's not the complete picture. A more powerful approach is to consider communication as structure, substance, and style.

Most people focus just on style as a way to improve delivery. Fewer people focus on substance. Substance is the value; it requires an investment to capture and distill value targeted for your audience.But here's the key: structure reveals the substance. Structure guides the process, captures the nuance, and helps people concentrate on what matters.

The CISO summit includes a hands-on session for participants to experiment with a basic five-step structure. We'll even take time to practice, share feedback, and then fine tune – in a closed door environment. It's a powerful way to learn to better capture, distill, and communicate value.

The importance of communication to bring people together

Communication isn't always about telling. Frequently it's about listening. The opportunity for security leaders is to use powerful (two-way) communication to connect with others and influence them in a positive way. We know that means presenting information others understand, in the context that's right for them, and really hearing what we're being told in return. During the summit we'll discuss the different ways to give and get information from other people.

Join us in Orlando on April 3, 2016 to kick off InfoSec World on a powerful footing. Take the opportunity to learn and practice effective communication. Leave with the confidence to articulate your value. Gain the structure to capture, distill, and present value to your colleagues. Prove your leadership by harnessing the power of communication to bring people together.

About the author: Michael Santarcangelo develops exceptional leaders and powerful communicators with the security mindset for success. As the founder of Security Catalyst, he draws on two decades of experience bringing together and working academia, government, and industry to advance security. Focused on elevating and advancing other leaders, Michael shares insights as a published author and contributing editor for CSO Magazine. His work is focused on guiding leaders and teams on the best next step of their journey. Michael will be leading the CISO Leadership Summit that precedes InfoSec World 2016.

MISTI Newsletters

Quick Links

MIS Training Institute is registered with the National Association of State Boards of Accountancy (NASBA) as a sponsor of continuing professional education on the National Registry of CPE Sponsors. State boards of accountancy have final authority on the acceptance of individual courses for CPE credit. Complaints regarding registered sponsors may be submitted to the National Registry of CPE Sponsors through its website: www.nasbaregistry.org.